Otherwise you have the potential of locking yourself out of all applications including AppLocker.AppLocker is a powerful feature included in Windows 7 and we showed you a basic rule so you can get an idea of how it works. Use caution when configuring the rules and only start the Application Identity service after everything looks right. Only an Administrator can go in and change the rule. Now, when Jack logs into his user account and tries to access the games he will only see the following message. By default this service is not started so you will need to enable it. Now you will see the default rules and the new one you created showing Jack is denied access to the Microsoft Games directory.Īfter creating the rule make sure and go into services and make Application Identification is started and that it’s set to automatically start as well otherwise the rules won’t work. It is important to make sure they are created so click Yes to this message. When everything looks right click on Create.Ī message pops up saying default rules haven’t been created yet. Here you can add a description to the rule so you can keep track of them is there are several rules configured. In the next screen you could add Exceptions like allowing certain files, but because we are blocking the entire games directory we’ll skip to the next screen. so we will select Path.Ĭlick on Browse Folders and select the Microsoft Games folder. We don’t want Jack to have access to any of the games. In Conditions you can select from Publisher, Path or File hash. Select Permissions under Action select Deny.Īdd the user you want to block, in this case it’s Jack.Īfter you’ve selected the deny action and selected the user continue to the next step. This opens up the Create Executable Rules wizard and you can select not to show the introduction screen at start up for the next time you access it. Since this is your first time accessing AppLocker, there will be no rules listed. After completing the steps above, under the Overview section click on Executable Rules. In this scenario, Jack wastes time playing games like Minesweeper and Solitaire when he should be doing his homework, so we are going to block all of the games. Now under AppLocker Properties check the boxes next to Configured under Executable rules then click Ok. Under Configure Rule Enforcement click on the Configure rule enforcement link. Now you will see the overall controls for the applications. ![]() Under Local Computer Policy go to Computer Configuration \ Windows Settings \ Security Settings \ Application Control Policies \ AppLocker. Click on Start and type gpedit.msc into the search box and hit Enter. To access Group Policy Editor and create rules in AppLocker you’ll need to be logged in as Administrator. Note: AppLocker is only available in Ultimate and Enterprise versions of Windows 7. Today we take a quick look at restricting what programs other users can access using AppLocker. If you share a computer and don’t want other users accessing certain applications, there is a new feature in Windows 7 that allows you to block them.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |